X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=apps%2Freq.c;h=6a19144931c68464549da95ea85b155fe334a924;hp=37670a07ce1c9047f45cc58a90753b858e441507;hb=da92be4d68bec81030838e3228ef0238c565af85;hpb=cdb182b55a15cd096475a1b65b40daeaa5aa91c6

diff --git a/apps/req.c b/apps/req.c
index 37670a07ce..6a19144931 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -644,6 +644,11 @@ bad:
 		if (inrand)
 			app_RAND_load_files(inrand);
 
+		if (!NCONF_get_number(req_conf,SECTION,BITS, &newkey))
+			{
+			newkey=DEFAULT_KEY_LENGTH;
+			}
+
 		if (keyalg)
 			{
 			genctx = set_keygen_ctx(bio_err, keyalg, &pkey_type, &newkey,
@@ -652,12 +657,6 @@ bad:
 				goto end;
 			}
 	
-		if (newkey <= 0)
-			{
-			if (!NCONF_get_number(req_conf,SECTION,BITS, &newkey))
-				newkey=DEFAULT_KEY_LENGTH;
-			}
-
 		if (newkey < MIN_KEY_LENGTH && (pkey_type == EVP_PKEY_RSA || pkey_type == EVP_PKEY_DSA))
 			{
 			BIO_printf(bio_err,"private key length is too short,\n");
@@ -904,7 +903,7 @@ loop:
 
 	if (subj && x509)
 		{
-		BIO_printf(bio_err, "Cannot modifiy certificate subject\n");
+		BIO_printf(bio_err, "Cannot modify certificate subject\n");
 		goto end;
 		}
 
@@ -1159,15 +1158,12 @@ static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, char *subj, int multirdn,
 	/* setup version number */
 	if (!X509_REQ_set_version(req,0L)) goto err; /* version 1 */
 
-	if (no_prompt) 
+	if (subj)
+		i = build_subject(req, subj, chtype, multirdn);
+	else if (no_prompt) 
 		i = auto_info(req, dn_sk, attr_sk, attribs, chtype);
-	else 
-		{
-		if (subj)
-			i = build_subject(req, subj, chtype, multirdn);
-		else
-			i = prompt_info(req, dn_sk, dn_sect, attr_sk, attr_sect, attribs, chtype);
-		}
+	else
+		i = prompt_info(req, dn_sk, dn_sect, attr_sk, attr_sect, attribs, chtype);
 	if(!i) goto err;
 
 	if (!X509_REQ_set_pubkey(req,pkey)) goto err;
@@ -1490,7 +1486,13 @@ start:
 #ifdef CHARSET_EBCDIC
 	ebcdic2ascii(buf, buf, i);
 #endif
-	if(!req_check_len(i, n_min, n_max)) goto start;
+	if(!req_check_len(i, n_min, n_max))
+		{
+		if (batch || value)
+			return 0;
+		goto start;
+		}
+
 	if (!X509_NAME_add_entry_by_NID(n,nid, chtype,
 				(unsigned char *) buf, -1,-1,mval)) goto err;
 	ret=1;
@@ -1549,7 +1551,12 @@ start:
 #ifdef CHARSET_EBCDIC
 	ebcdic2ascii(buf, buf, i);
 #endif
-	if(!req_check_len(i, n_min, n_max)) goto start;
+	if(!req_check_len(i, n_min, n_max))
+		{
+		if (batch || value)
+			return 0;
+		goto start;
+		}
 
 	if(!X509_REQ_add1_attr_by_NID(req, nid, chtype,
 					(unsigned char *)buf, -1)) {
@@ -1649,6 +1656,8 @@ static EVP_PKEY_CTX *set_keygen_ctx(BIO *err, const char *gstr, int *pkey_type,
 				keylen = atol(p + 1);
 				*pkeylen = keylen;
 				}
+			else
+				keylen = *pkeylen;
 			}
 		else if (p)
 			paramfile = p + 1;
@@ -1819,3 +1828,18 @@ int do_X509_REQ_sign(BIO *err, X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md,
 	}
 		
 	
+
+int do_X509_CRL_sign(BIO *err, X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md,
+			STACK_OF(OPENSSL_STRING) *sigopts)
+	{
+	int rv;
+	EVP_MD_CTX mctx;
+	EVP_MD_CTX_init(&mctx);
+	rv = do_sign_init(err, &mctx, pkey, md, sigopts);
+	if (rv > 0)
+		rv = X509_CRL_sign_ctx(x, &mctx);
+	EVP_MD_CTX_cleanup(&mctx);
+	return rv > 0 ? 1 : 0;
+	}
+		
+